Directive Blogs
6 Examples of Phishing Attacks Area Businesses Need to Prepare For
Phishing is one of the most prevalent forms of cyberattack today, taking many forms and affecting everyone from individuals to entire organizations. Any business operating today needs to be aware of the numerous shapes that phishing can take.
Here are six common examples:
Bank/PayPal Alert Phishing Scams
“ALERT: We have detected suspicious activity in your bank/PayPal account. Please log in and confirm your account details.”
It doesn’t matter if you do your banking through Sidney Federal Credit Union, NBT, or Community Bank; receiving a message that reads like this should be a clear sign that it isn’t actually your financial institution of choice reaching out to you. This is especially true if it includes a link to a website. In fairness, these kinds of messages are frightening to get, but you need to keep a cool head.
Invoice/Payment/Late Bill Scams
“Your payment is PAST DUE. Log in and pay now to prevent your account from being sent to collections.”
Similarly, these messages can be very scary to see, considering how impactful financial issues can be for any person or organization. Many phishing messages will rely on scare tactics, often taking advantage of the highly emotional state that finances and financial issues bring about.
Gift Card Phishing Scams
“Hey, I need you to purchase some gift cards as some client gifts. Use the company card and send the credentials to me directly.”
It’s hard to question messages from a higher-up in a business. Suddenly getting a request from a C-suite member can be an intimidating situation, and may be just enough to cause an employee to comply with whatever a message says. This makes it all the more important to educate your team members about the real threat of these scams, and ideally to establish a procedure for these kinds of events in case one is encountered.
Microsoft/Apple Support Scams
“We have detected a virus on your hardware. Please click the provided link to connect to a live service operative to receive support.”
Here’s an important distinction to make: neither Apple nor Microsoft will reach out to you with claims that malware has been detected on your hardware. It’s just not something that they’ll do.
It is, however, something that a scammer, trying to fool you into clicking a link or providing access, will do.
Humanitarian Phishing Scams
“Hello, I am hoping to raise money to help support displaced and starving people around the world. I would really appreciate any donation you can make.”
Look, we aren’t trying to convince you not to donate what you can. Charity is a commendable activity for any individual or business to engage in. That said, it’s important to make sure your donations aren’t actually going to support cybercriminal activity, which is what these scams try to fool you into doing.
Honestly, it is usually best to ignore emails requesting donations, instead seeking out the opportunity to donate by manually going to the websites of reputable organizations and doing so there.
Lawsuit/Copyright Phishing Scams
“I regret to inform you that your website is hosting images that violate the copyright of one of my clients. Evidence of this has been provided in the included link.”
We’ve talked about this in pretty significant depth before, but it never hurts to reinforce such an important message. In short, a lot of phishers will reach out to a website admin in an attempt to fool them into thinking that they’ve violated some form of copyright, demanding that the content be taken down and that back payment be provided, under threat of drawn-out legal issues and fights.
Of course, the included link will be nothing more than a phishing attack itself.
Train Your Users to Help Prevent Expensive Mistakes
At the end of the day, it’s going to be crucial that your users understand how these attacks work and how to spot them. We can help with that. Let’s have a talk about what we can do for you. Give us a call at 607.433.2200.